SOC Watchfloor Analyst

Kforce Inc

Job Summary

This role involves monitoring computer networks for security issues, investigating breaches, documenting incidents, and working with the security team to identify and fix vulnerabilities. The analyst will also recommend IT security best practices, install security measures like firewalls and encryption, and conduct forensic analysis of intrusion information. Real-time cyber defense handling for Incident Response Teams is also a key responsibility.

Must Have

  • Monitor computer networks for security issues
  • Investigate and document security breaches and cybersecurity incidents
  • Perform network vulnerability tests and fix detected vulnerabilities
  • Install security measures and operating software (firewalls, data encryption)
  • Conduct analysis, confirm intrusion information, and create forensically sound duplicates
  • Decrypt data and provide technical summaries
  • Examine recovered data for relevant information and perform dynamic analysis
  • Perform real-time cyber defense handling tasks for Incident Response Teams (IRTs)
  • Experience with Splunk Enterprise Security
  • Meet eligibility requirements for access to classified information

Good to Have

  • Relevant education or training

Perks & Benefits

  • Medical/dental/vision insurance
  • HSA
  • FSA
  • 401(k)
  • Life, disability & ADD insurance
  • Paid time off (for salaried personnel)

Job Description

Description

Kforce has a client in Huntsville, AL seeking a SOC Watchfloor Analyst. Duties include:

  • Monitor computer networks for security issues
  • Investigate security breaches and other cybersecurity incidents
  • Document security breaches and assess the damage they cause
  • Work with the security team to perform tests, such as penetration testing, and uncover network vulnerabilities
  • Fix detected vulnerabilities to maintain a high-security standard
  • Recommend best practices for IT security
  • Install security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs
  • Be capable of conducting analysis, confirming intrusion information, and creating a forensically sound duplicate of the files
  • Decrypt data and provide technical summaries and input
  • Examine recovered data for relevant information and perform dynamic analysis, including timeline, statistical, and file signature analysis
  • Perform real-time cyber defense handling tasks to support deployable Incident Response Teams (IRTs)

Requirements

  • Splunk Enterprise Security experience
  • To be considered for this position, candidates must have experience in a similar role, or they must possess significant knowledge, experience, and abilities to successfully perform the responsibilities listed
  • Relevant education and/or training will be considered a plus
  • Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information

4 Skills Required For This Role

Ethical Hacking, Game Texts, Incident Response, Splunk
